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DETAILED ACTION 

1 . Claims 1-34 have been examined 

Claim Rejections - 35 USC § 102 

2. The following is a quotation of the appropriate paragraphs of 35 

U.S.C. 102 that form the basis for the rejections under this section made in this 

Office action: 

A person shall be entitled to a patent unless - 

(e) the Invention was described in (1) an application for patent, published under section 
122(b), by another filed in the United States before the invention by the applicant for patent or 
(2) a patent granted on an application for patent by another filed in the United States before 
the invention by the applicant for patent, except that an international application filed under 
the treaty defined in section 351(a) shall have the effects for purposes of this subsection of an 
application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

3. Claimsl, 2,13,18-20,21-23,24-26,33 and 34 are rejected under 35 
U.S.C. 102(e) as being anticipated by Fangman. (US patent 6,687,245 B2) 

4. As per claims 1,1 8-1 9,20,25,26, 32,34:Fangmam discloses a 
method/product/apparatus for facilitating Internet security protocol (IPsec) based 
communications through a device that employs address translation in a 
telecommunications network, the method comprising the steps of: 

receiving a first electronic message from a first node, wherein the first 
electronic message is based on IPsec and is associated with a first 
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identifier;(col 3 lines 65 through line 2 and col 6 lines 30-34 and column 9 
lines 24-34 and col 24 lines 6- 26 col 18 lines 1-39)(l.e. the examiner 
interpreted 120A as the first node) 

generating a value based on the first identifier;(col 4 lines 1-12) 

sending the first electronic message to a second node;(col 18 lines 1-39)( 
the examiner interpreted telephone device as the second node) 

receiving a second electronic message from the second node, wherein the 
second electronic message is based on Ipsec and is associated with a second 
identifier that is different than the first identifier, wherein the second identifier is 
generated based on the first identifier^ column 9 lines 24-34 and col 24 lines 6- 
26 and col 18 lines 1-39) 

determining whether the second electronic message is directed to the first 
node based on the value and the second identifier; and(col 18 lines 1-39) ;(col 18 
lines 1-39)(the examiner interpreted the SG performs as NAT) 

sending the second electronic message to the first node when the second 
electronic message is determined to be directed to the first node. (col 18 lines 1- 
39) 

5. As per claim 2: Fangman discloses a method as recited in claim 1 , further 
comprising the steps of: 

receiving a third electronic message from a third node, wherein the third 
electronic message is based on Ipsec and is associated with a third identifier;(col 
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6 lines 1-46 and col 8 lines 14-24)(i.e. the examiner interpreted telephones 120B 
like third node) 

generating an additional value based on the third identifier^ col 18 lines 1- 

39) 

sending the third electronic message to the second node; (col 18 lines 1- 

3) 

wherein the step of receiving comprises receiving, after sending the first 
electronic message and the third electronic message to the second node, the 
second electronic message from the second node, wherein the second electronic 
message is based on Ipsec and is associated with the second identifier that is 
different than the first identifier and the third identifier^ col 6 lines 30-34 and 
column 9 lines 24-34 and col 24 lines 6- 26 and col 18 lines 1-39 and) 

determining whether the second electronic message is directed to the third 
node base on the additional value and the second identifier(col 18 lines 1-39); 
and when the second electronic message is determined to be directed to the 
third node, sending the second electronic message to the third node. (col 18 lines 
1-39) 

6. As per claim 21-23: Fangman discloses a method wherein the device 
employs network address translation (NAT), dynamic address (NAT) and network 
address port translation NAPT.(col 8 line 24-50) 
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7. As per claims 24,33: Fangman discloses a method for facilitating Internet 
security protocol (Ipsec) based communications through a device that employs 
address translation in a telecommunications network, the method comprising the 
steps of: 

receiving a first electronic message from a first node, wherein the first 
electronic message is based on Ipsec and is associated with a first identifier, 
wherein the first identifier is generated based on a second identifier and the first 
identifier is different than the second identifier; (col 16 lines 27-64) 

sending the first electronic message to a second node;( col 18 lines 1-39) 
receiving a second electronic message from the second node, wherein the 
second electronic message is based on Ipsec and is associated with the second 
identifier'^ col 9 lines 24-34 and col 18 lines 1-39). 

generating a value based on the second identifier; (col 16 lines 44-47) 
determining whether the second electronic message is directed to the first 
node based on the value and the first identifier(col 16 lines 27-44); and 

sending the second electronic message to the first node when the second 
electronic message is determined to be directed to the first node.( col 9 lines 24- 
34 and col 18 lines 1-39 and col 16 lines 27-44) 

Claim Rejections - 35 USC § 103 

8. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for 
all obviousness rejections set forth in this Office action: 
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(a) A patent may not be obtained though the invention is not identically disclosed or described 
as set forth in section 102 of this title, if the differences between the subject matter sought to 
be patented and the prior art are such that the subject matter as a whole would have been 
obvious at the time the invention was made to a person having ordinary skill in the art to which 
said subject matter pertains. Patentability shall not be negatived by the manner in which the 
invention was made. 

9. Claims 3-9,27 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Fangman in view of Jobst et al (herein after referred as Jobst) US Patent 
6,707,915 B1. 

10. As per claims 3,7,8,9,27: Fangman discloses claim 1 as recited above. He 
doesn't explicitly teach a method wherein the step of generating the value 
comprises the step of generating the value based on the first identifier and a 
specified scheme, and wherein the second identifier is generated based on the 
first identifier and the specified scheme. However Jobst teaches a method 
wherein the step of generating the value comprises the step of generating the 
value based on the first identifier and a specified scheme, and the second 
identifier is generated based on the first identifier and the specified scheme, (col 
7 line 23 through line 27 and col 10 line 50 through col 11 line 15).Therefore it 
would be obvious to one having ordinary skill in the art at the time the invention 
was made to employ the method of Jobst with the system of Fangman in order to 
provide secure IPsec communication through devices that employ address 
translation. 

11. As per claim 4, 5,6: Fangman discloses claim 1 as recited above. He 
doesn't teach explicitly a method wherein the specified scheme produces a fixed 
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length output, the specified scheme is a hash algorithm, and the hash algorithm 
is a MD5 one-way function and the hash value algorithm. However Jobst teaches 
a method wherein the specified scheme produces a fixed length output, the 
specified scheme is a hash algorithm, the hash algorithm is a MD5, one-way 
function and the hash value algorithm, (col 8 lines 50-59 ).Therefore it would be 
obvious to one having ordinary skill in the art at the time the invention was made 
to employ the method of Jobst with the system of Fangman in order to provide 
secure IPsec communication through devices that employ address translation. 

1 2. Claims 1 0, 1 2,28,29 are rejected under 35 U.S. C. 1 03(a) as being 
unpatentable over Fangman in view of Sharman et.al (herein after referred as 
Sharman) US Pub No 2003/0031151 A1. 

13. As per claims 10 and 12:Fangman discloses claim 1 as recited above. He 
doesn't explicitly teach a method wherein the first identifier is a first IPsec 
security parameter index and the second identifier is a second Ipsec security 
parameter index and the first electronic message is based on Ipsec 
Encapsulation Security Payload (ESP), the second electronic message is based 
on Ipsec ESP. However Sharman teaches a method wherein a method wherein 
the first identifier is a first IPsec security parameter index and the second 
identifier is a second Ipsec security parameter index and the first electronic 
message is based on Ipsec Encapsulation Security Payload (ESP), the second 
electronic message is based on Ipsec ESP [0025 and 0030].Therefore it would 
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be obvious to one having ordinary skill in the art at the time the invention was 
made to employ the method of Sharman with the system of Fangman in order to 
secure IPsec communication between network entities. 

14. As per claim 28: Fangman discloses claim 1 as recited above. He does 
not explicitly teach a method wherein the value is a hash value, the first identifier 
is a first Ipsec Security Parameter Index (SPI), the second identifier is a second 
Ipsec SPI, and the step of generating the second Ipsec SPI comprises the step of 
generating, prior to receiving the first electronic message, the second Ipsec SPI 
based on the hash value. However Sharma teaches a method wherein the value 
is a hash value, the first identifier is a first Ipsec Security Parameter Index (SPI), 
the second identifier is a second Ipsec SPI, and the step of generating the 
second Ipsec SPI comprises the step of generating, prior to receiving the first 
electronic message, the second Ipsec SPI based on the hash value.[0030,0062- 
0063] Therefore it would be obvious to one having ordinary skill in the art at the 
time to employ the method of Sharman with the system of Fanguman in order to 
secure Ipsec communication between network entities. 

15. As per claim 29: Fangman and Sharma discloses claim 28 as recited 
above. Furthermore Sharma teaches a method wherein the first Ipsec SPI is a 
first randomly generated fixed length value and the step of generating the second 
Ipsec SPI comprises the step of generating the second Ipsec SPI based on at 
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least a first portion of the hash value and a second portion of a second randomly 
generated fixed length value. . [0030,0062-0063]. 

16. Claims 11,14-17,31 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over: Fangman in view of Brustoloni (herein after referred as 
Brustoloni) US Patent 6886103 B1. 

17. As per claim 1 1 : Fangman discloses claim 1 as recited above. He doesn't 
explicitly disclose wherein the first electronic message is based on Ipsec tunnel 
mode and the second electronic message is based on Ipsec tunnel mode. 
However Brustoloni teaches the first electronic message is based on Ipsec tunnel 
mode and the second electronic message is based on Ipsec tunnel mode, (col 6 
lines 40-45). Therefore it would be obvious to one having ordinary skill in the art 
at the time the invention was made to employ the method of Brustoloni with the 
system of Fangman in order to provide end-to-end security between the nodes at 
which packet is encapsulated and decapsulated. 

18. As per claims 14,15 and 16:Fangman discloses claim 1 as recited above. 
He doesn't explicitly disclose a method further comprising the steps of: when the 
second electronic message is determined to be directed to the first node, 
creating an association between the first identifier and the second identifier; and 
storing the association in a table. However, Brustoloni teaches a method further 
comprising the steps of: when the second electronic message is determined to 
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be directed to the first node, creating an association between the first identifier 
and the second identifier; and storing the association in a table (col 6 line 57 
through col 7 line 14 and col 7 line col 8 line 7). Therefore it would be obvious to 
one having ordinary skill in the art at the time the invention was made to employ 
the method of Brustoloni with the system of Fangman in order to secure Ipsec 
communication between the nodes. 

19. As per claim 17:Fangman and Bristoloni discloses claim 16 as recited 
above. Furthermore Bristoloni teaches method further comprising the steps of: 
receiving a third electronic message from the second node, wherein the third 
electronic message is based on Ipsec and is associated with the second 
identifier; and determining that the third electronic message is directed to the first 
node based on the association. (col 7 line 34-50). 

20. Claims 30,31 are rejected under 35 U.S.C 103(a) as being unpatentable 
over Fangman in view of Jobst et al(US Patent No 6,707,915 B1) in further view 
of Sharma et al.(US Pub.No 2003/0031151 A1) . 

21 . As per claims 30,31 Fangman discloses a method for facilitating Internet 
security protocol (IPsec) based communications through a device that employs 
address translation in a telecommunications network, the method comprising the 
steps of: 
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receiving a first electronic message from a first node, wherein the first 
electronic message is based on IPsec and is associated with a first 
identifier;(col 3 lines 65 through line 2 and col 6 lines 30-34 and column 9 
lines 24-34 and col 24 lines 6- 26 col 18 lines 1-39)(l.e. the examiner 
interpreted 120A as the first node) 

generating a value based on the first identifier;(col 4 lines 1-12) 

sending the first electronic message to a second node;(col 18 lines 1-39)( 
the examiner interpreted telephone device as the second node) 

receiving a second electronic message from the second node, wherein the 
second electronic message is based on Ipsec and is associated with a second 
identifier that is different than the first identifier, wherein the second identifier is 
generated based on the first identifier^ column 9 lines 24-34 and col 24 lines 6- 
26 and col 18 lines 1-39) 

determining whether the second electronic message is directed to the first 
node based on the value and the second identifier; and(col 18 lines 1-39) ;(col 18 
lines 1-39)(the examiner interpreted the SG performs as NAT) 

sending the second electronic message to the first node when the second 
electronic message is determined to be directed to the first node. (col 18 lines 1- 
39). 

Jobst teaches a method wherein the step of generating the value 
comprises the step of generating the value based on the first identifier and a 
specified scheme, and the second identifier is generated based on the first 



Application/Control Number: 10/052,279 Page 
Art Unit: 2136 

identifier and the specified scheme, (col 7 line 23 through line 27 and col 10 line 
50 through col 11 line 15). 

The combination of Frangman and Jobst doesn't teach Security 
Parameter index. However, Sharman teaches a method wherein the first Ipsec 
SPI is a first randomly generated fixed length value and the step of generating 
the second Ipsec SPI comprises the step of generating the second Ipsec SPI 
based on at least a first portion of the hash value and a second portion of a 
second randomly generated fixed length value. Therefore it would be obvious to 
one having ordinary skill in the art at the time the invention was made to employ 
the method of Frangman and Jobst with the system of Sharman in order to 
secure Ipsec communication between nodes through NAT. 

22. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. See PTO Form 892. 

23. Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to Fikremariam Yalew whose telephone number 
is 571-272-3852. The examiner can normally be reached on 8-5. 

24. If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, Ayaz Sheikh can be reached on 571-272-3795. The fax 
phone number for the organization where this application or proceeding is 
assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from 
the Patent Application Information Retrieval (PAIR) system. Status information 
for published applications may be obtained from either Private PAIR or Public 
PAIR. Status information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, see http://pair- 
direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll- 
free). 
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